Professional Documents
Culture Documents
CORP Ebook Vice Society 05082023
CORP Ebook Vice Society 05082023
Vice Society
The #1 threat to schools, colleges, and universities
May 2023
2
Threat Brief: Vice Society
In the last 12 months, the Vice Society ransomware gang has conducted more attacks against education targets globally,
and in the USA and the UK individually, than any other ransomware group.
Ransomware attacks against education cause misery and disruption, have delayed exams and cancelled school days,
destroy data, violate data privacy norms and laws, and require expensive, time-consuming recovery efforts.
Vice Society
Other
LockBit
ALPHV
BianLian
AvosLocker
Royal
0 10 20 30 40 50
Figure 1: Known attacks on education targets ordered by ransomware gang, April 2022-March 2023
3
Threat Brief: Vice Society
Between April 2022 and March 2023, 39% of known Vice Society attacks hit education, compared to an average of 4%
across all the other ransomware gangs tracked by Malwarebytes.
In the USA, Vice Society has been the most prolific among a number of groups actively attacking education in the last 12
months, while in the UK it accounted for a staggering 70% of all attacks on the sector.
Education
Services
Healthcare
Government
Logistics
Figure 3: Distribution
Retail of known ransomware
attacks by industry
Technology
sector, April
Wholesale 2022-March 2023
Manufacturing
IT Services
Other
Construction
Vice Society’s targeting of education is vulnerable; however, the opportunistic an entire organisation. To achieve
undoubtedly deliberate and has likely targeting … can still put school districts this, attackers may work for several
allowed the gang to develop domain- with robust cybersecurity programs at days, or even weeks, inside a
specific techniques and expertise. risk.” victims’ network before running their
ransomware.
According to CISA, “School districts with A Vice Society attack is not directed
limited cybersecurity capabilities and at an individual computer but uses
constrained resources are often the most encryption and data theft to compromise
Vice Society
4
BianLian
Hive
Medusa
3
AvosLocker
Royal
2
LockBit
0
April 2022 May 2022 June 2022 August 2022 Sept 2022 Oct 2022 Nov 2022 Dec 2022 Jan 2023 Feb 2023 March 2023
data, taken steps to cover their tracks, Use two-factor authentication on Internet-facing
Compromised accounts
and will have sufficient access to your accounts.
Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Much more than malware remediations, the
company provides cyberprotection, privacy, and prevention to tens of thousands of consumers and organizations every day. For more information,
visit https://www.malwarebytes.com.
Copyright © 2023, Malwarebytes. All rights reserved. Malwarebytes and the Malwarebytes logo are trademarks of Malwarebytes. Other marks and brands may be claimed as the property of others.
All descriptions and specifications herein are subject to change without notice and are provided without warranty of any kind. 05/2023